Posted
by
Unknown Lamer
on Thursday May 16, 2013 @08:30AM
from the simulated-centrifuge dept.

msm1267 writes "Conpot, short for Control Honeypot, is one of the first publicly available honeypots for industrial control systems (ICS) and SCADA gear. Built by two researchers from the Honeynet Project, the hope is that others will take what they started, deploy it on their own critical infrastructure networks and share the findings. 'The main goal is to make this kind of technology available for a general audience,' said Lukas Rist, one of the developers. 'Not just for security researchers, but also for people who are sysadmins setting up ICS systems who have no clue what could happen and want to see malware attacks against their systems and not put them in any danger.'"
Unlike previous ICS Honeypots, this one simulates the control systems rather than requiring that you happen to own an actual industrial control system.

Seems like a bit of a catch 22... on one hand the people that own these systems need a reliable and safe way to understand and hopefully mitigate threats... on the other hand, it wasn't too long ago people were bemoaning flight simulators as "terrorism trainers".

> on the other hand, it wasn't too long ago people were bemoaning flight simulators as "terrorism trainers".

Really? People were were they? Anyone doing that has less of a grip on reality than the people who think they are personally Napoleon. I don't see why their opinion needs much consideration. May as well just say "on the other hand, some people are crazy and stupid".

As a sysadmin for a mid sized company looking to get a proprietary ICS from a major powerhouse...Are they going to give you access to the source? If not, How exactly are you supposed to know the weaknesses of the system without some real hardcore testing?Read the literature and take their word for it?

Oh. You just want to be cool and say something anti American. Go on then.

With a software-based ICS simulation, plus the software-based infrastructure within which such simulations must reside, this becomes a GREAT time to invest into virtualization players across the board: hardware, software, security, etc.

For infrastructure security, this is absolutely great news! The tallest barrier to entry for non-professional security researchers is access to both facilities and simulated energy consumption devices... I wonder if these guys will make this available as a VM appliance...